Replies: 1 comment
-
|
Hi @alexzon, it is considered an issue because it can be combined with some other actions not present in the policies combination list below. I think this action by itself won't be harmful. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Considering the control Ensure no Customer Managed IAM policies allow actions that may lead into Privilege Escalation, why the action
iam:PassRoleby itself is considered an issue?File reference (line 20)
The following lines (21+) list actions that, in combination with iam:PassRole, are a risk.
I've done some research and couldn't find anything supporting that the action alone is a risk.
Does this check consider conditions? Is it there as a best practice the limit the PassRole action?
Thanks in advance for any insights on this.
Beta Was this translation helpful? Give feedback.
All reactions